
We Held A Meeting To Discuss Three Things:
- To identify what is happening in the country around open source process management
- What we can usefully contribute to increase value in this area for local businesses, projects and government
- Any areas of concern that might need global community assistance
Watch the Meeting:
Identified Challenges Faced for the OpenChain Germany Work Group:
Our current challenge is a lack of momentum in our meeting schedule and discussions. The challenge appears to be caused by two things:
- Lack of time on everyone’s part
- A wide variety of activities making it difficult to focus energy
Identified Priorities for the German Market:
- Enable small and medium sized businesses (and large) to deal with license compliance
- What is OpenChain’s specific value proposition for them
- Supply Chain Risk Management:
- License compliance – ISO/IEC 5230 value proposition
- Security assurance – ISO/IEC 18974 value proposition
(value with or apart from IEC 62443) - Japanese market solution(s) – why they made SPDX Lite
- SBOM Quality (Ericsson + Nokia, interest from US government)
- Regulation:
- Cyber Resilience Act (CRA):
https://digital-strategy.ec.europa.eu/en/policies/cyber-resilience-act
Does ISO/IEC 18974 cover all of this – especially reporting - Product Liability Directive:
https://single-market-economy.ec.europa.eu/single-market/goods/free-movement-sectors/liability-defective-products_en - AI Act:
https://www.europarl.europa.eu/topics/en/article/20230601STO93804/eu-ai-act-first-regulation-on-artificial-intelligence - Digital Operational Resilience Act (DORA):
https://www.eiopa.europa.eu/digital-operational-resilience-act-dora_en
- Cyber Resilience Act (CRA):
Suggested Next Steps:
- Liaise with Bitkom to collaborate / contribute to their work (Marcel will be the contact):
https://www.bitkom.org - Liaise with Open Business Alliance to collaborate / contribute to their work (Jan will be the contact):
https://osb-alliance.de
+
https://eacg-gmbh.github.io/osba-regulatory-monitor/ - Liaise with OSADL to collaborate / contribute to their work (Shane will reach out):
https://www.osadl.org
Discussion Document:
We have created a document to help everyone share ideas (and refine other ideas) about next steps in the country. You can find and add comments to the document here: